CLAIMS 

What is claimed is: 

1. A method for providing security with a secure chip, the secure chip
comprising a public/private key pair, the secure chip residing within a computer, comprising 
the steps of: 

(a) creating a migratable keyblob using a first random number, wherein the 
migratable keyblob contains a key; 

(b) wrapping the migratable keyblob with a public key of the key's parent key; 

(c) encrypting the first random number with a pass phrase for a user of the key; 

(d) storing the encrypted first random number; and 

(e) migrating the migratable keyblob from the computer to itself. 

2. The method of claim 1, wherein the creating step (a) comprises: 
(a1) generating a first random number by the secure chip;

(a2) scrambling the key; and 

(a3) creating the migratable keyblob by XOR the first random number with the 
scrambled key. 

3. The method of claim 1, wherein the encrypting step (c) comprises: 
(c1) receiving the pass phrase for the user of the key;

(c2) generating a second random number by hashing the pass phrase; 
(c3) generating a third random number by applying a mass generation function 
(MGF) to the second random number; 
(c4) converting the third random number into a string with a same length as the
first random number; and 

(c5) generating a fourth random number by XOR the first random number with the 
third random number. 

4. The method of claim 3, wherein the storing step (d) comprises: 
(d1) storing the fourth random number.

5. The method of claim 4, further comprising: 

(f) receiving the pass phrase; 

(g) obtaining the third random number from the pass phrase by reversing the 
MGF and hash used to generate it; 

(h) obtaining the first random number by XOR the third random number with the 
stored fourth random number; 

(i) sending the first random number and the migratable keyblob to the secure
chip;

(j) unwrapping the migratable keyblob by the secure chip using the secure chip's 
private key; 

(k) obtaining a scrambled key by XOR the migratable keyblob with the first 
random number; and 

(l) unscrambling the key.

6. The method of claim 5, further comprising: 
(m) returning a normal blob for the unscrambled key; and
(n) discarding the normal blob. 

7. A method for providing security with a secure chip, the secure chip 
comprising a public/private key pair, the secure chip residing on a computer, comprising the 
steps of: 

(a) generating a first random number by the secure chip; 

(b) creating a migratable keyblob using the first random number, wherein the 
migratable keyblob contains a key; 

(c) wrapping the migratable keyblob with the public key of the secure chip; 

(d) receiving a pass phrase for a user of the key; 

(e) generating a second random number based on the pass phrase; 

(f) generating a third random number based on the second random number; 

(g) generating a fourth random number based on the first random number and the 
third random number; 

(h) storing the fourth random number; and 

(i) migrating the migratable keyblob from the computer to itself. 

8. The method of claim 7, wherein the creating step (b) comprises: 
(b1) scrambling the key; and

(b2) creating the migratable keyblob by XOR the first random number with the 
scrambled key. 

9. The method of claim 7, wherein the generating step (e) comprises:
(e1) generating the second random number by hashing the pass phrase.

10. The method of claim 7, wherein the generating step (f) comprises:

(f1) generating the third random number by applying a MGF to the second
random number; and

(f2) converting the third random number into a string with a same length as the
first random number. 

11. The method of claim 7, wherein the generating step (g) comprises: 

(g1) generating the fourth random number by XOR the first random number with
the third random number. 

12. The method of claim 7, further comprising:
(j) receiving the pass phrase; 

(k) obtaining the third random number from the pass phrase; 

(l) obtaining the first random number from the third random number and the
stored fourth random number; 

(m) sending the first random number and the migratable keyblob to the secure
chip;

(n) unwrapping the migratable keyblob by the secure chip using the secure chip's 
private key; 

(o) obtaining a scrambled key by XOR the migratable keyblob with the first 
random number; and

(p) unscrambling the key. 



13. The method of claim 12, wherein the obtaining step (k) comprises: 

(k1) obtaining the third random number from the pass phrase by reversing a MGF
and Hash used to generate it. 

14. The method of claim 12, wherein the obtaining step (l) comprises:

(l1) obtaining the first random number by XOR the third random number with the
stored fourth random number. 

15. The method of claim 12, further comprising: 

(q) returning a normal blob for the unscrambled key; and 
(r) discarding the normal blob. 

16. A computer readable medium with program instructions for providing
security with a secure chip, the secure chip comprising a public/private key pair, the secure 
chip residing on a computer, comprising the instructions for: 

(a) creating a migratable keyblob using a first random number, wherein the 
migratable keyblob contains a key; 

(b) wrapping the migratable keyblob with a public key of the key's parent key; 

(c) encrypting the first random number with a pass phrase for a user of the key; 

(d) storing the encrypted first random number; and 
(e) migrating the migratable keyblob from the computer to itself.



17. The medium of claim 16, wherein the creating instruction (a) comprises
instructions for:

(a1) generating a first random number by the secure chip;
(a2) scrambling the key; and 

(a3) creating the migratable keyblob by XOR the first random number with the 
scrambled key. 



18. The medium of claim 16, wherein the encrypting instruction (c) comprises 
instructions for: 

(c1) receiving the pass phrase for the user of the key;

(c2) generating a second random number by hashing the pass phrase; 

(c3) generating a third random number by applying a mass generation function 
(MGF) to the second random number; 

(c4) converting the third random number into a string with a same length as the 
first random number; and 

(c5) generating a fourth random number by XOR the first random number with the 
third random number. 



19. The medium of claim 18, wherein the storing instruction (d) comprises
instructions for:

(d1) storing the fourth random number.



RPS920010142US1/2290P 




20. The medium of claim 19, further comprising instructions for:

(f) receiving the pass phrase; 

(g) obtaining the third random number from the pass phrase by reversing the 
MGF and hash used to generate it; 

(h) obtaining the first random number by XOR the third random number with the 
stored fourth random number; 

(i) sending the first random number and the migratable keyblob to the secure
chip;

(j) unwrapping the migratable keyblob by the secure chip using the secure chip's
private key; 

(k) obtaining a scrambled key by XOR the migratable keyblob with the first 
random number; and 

(l) unscrambling the key.

21. The medium of claim 20, further comprising instructions for:
(m) returning a normal blob for the unscrambled key; and 

(n) discarding the normal blob. 

22. A computer readable medium with program instructions for providing 
security with a secure chip, the secure chip comprising a public/private key pair, the secure 
chip residing on a computer, comprising the instructions for: 

(a) generating a first random number by the secure chip; 

(b) creating a migratable keyblob using the first random number, wherein the 
migratable keyblob contains a key;

(c) wrapping the migratable keyblob with the public key of the secure chip; 

(d) receiving a pass phrase for a user of the key; 

(e) generating a second random number based on the pass phrase; 

(f) generating a third random number based on the second random number;

(g) generating a fourth random number based on the first random number and the 
third random number; 

(h) storing the fourth random number; and 

(i) migrating the migratable keyblob from the computer to itself.

23. The medium of claim 22, wherein the creating instruction (b) comprises
instructions for:

(b1) scrambling the key; and

(b2) creating the migratable keyblob by XOR the first random number with the
scrambled key.

24. The medium of claim 22, wherein the generating instructions (e) comprises 
instructions for: 

(e1) generating the second random number by hashing the pass phrase.

25. The medium of claim 22, wherein the generating instructions (f) comprises
instructions for:

(f1) generating the third random number by applying a MGF to the second
random number; and

(f2) converting the third random number into a string with a same length as the
first random number. 



26. The medium of claim 22, wherein the generating instruction (g) comprises 
instructions for: 

(g1) generating the fourth random number by XOR the first random number with
the third random number. 

27. The medium of claim 22, further comprising instructions for: 
(j) receiving the pass phrase; 

(k) obtaining the third random number from the pass phrase; 
(l) obtaining the first random number from the third random number and the
stored fourth random number; 

(m) sending the first random number and the migratable keyblob to the secure
chip;

(n) unwrapping the migratable keyblob by the secure chip using the secure chip's 
private key; 

(o) obtaining a scrambled key by XOR the migratable keyblob with the first 
random number; and 

(p) unscrambling the key. 

28. The medium of claim 27, wherein the obtaining instruction (k) comprises 
instructions for:

(k1) obtaining the third random number from the pass phrase by reversing a MGF
and Hash used to generate it. 

29. The medium of claim 27, wherein the obtaining instruction (l) comprises
instructions for:

(l1) obtaining the first random number by XOR the third random number with the
stored fourth random number. 

30. The medium of claim 27, further comprising: 

(q) returning a normal blob for the unscrambled key; and 
(r) discarding the normal blob. 
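
The pass phrase masking recited in claims 3 to 5 (and again in claims 9 to 14 and 24 to 29), as an added example that is not part of the patent text: the fourth random number is the first random number XORed with a pad derived from the pass phrase, and recovery XORs the stored value with the same pad. Assumptions: SHA-1 as the hash, MGF1 from PKCS #1 as the MGF, recomputing the pad from the pass phrase as the reading of the "reversing" step, and constructed random bytes standing in for the secure chip's output and the scrambled key; wrapping by the chip is not modelled.

```python
import hashlib
import secrets

HASH = hashlib.sha1  # assumption: the claims do not name a hash

def mgf1(seed: bytes, length: int) -> bytes:
    """MGF1 (PKCS #1): stretch seed to exactly `length` bytes."""
    out, counter = b"", 0
    while len(out) < length:
        out += HASH(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]  # step (c4): same length as the first random number

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def pad_from_passphrase(passphrase: str, length: int) -> bytes:
    r2 = HASH(passphrase.encode("utf-8")).digest()  # second random number
    return mgf1(r2, length)                         # third random number

def protect(r1: bytes, passphrase: str) -> bytes:
    """Steps (c1)-(c5): return the fourth random number, the value stored."""
    return xor(r1, pad_from_passphrase(passphrase, len(r1)))

def recover(r4: bytes, passphrase: str) -> bytes:
    """Steps (f)-(h): rebuild the pad and XOR it with the stored value."""
    return xor(r4, pad_from_passphrase(passphrase, len(r4)))

def demo() -> dict:
    r1 = secrets.token_bytes(32)             # constructed stand-in for chip RNG
    scrambled_key = secrets.token_bytes(32)  # constructed stand-in
    keyblob = xor(r1, scrambled_key)         # step (a3), before wrapping
    r4 = protect(r1, "correct horse")        # constructed pass phrase
    good = recover(r4, "correct horse")
    bad = recover(r4, "wrong guess")
    return {
        "r1_recovered": good == r1,
        "key_recovered": xor(keyblob, good) == scrambled_key,
        # A wrong pass phrase yields a well-formed but wrong value, no error.
        "wrong_pass_silent": bad != r1 and len(bad) == len(r1),
    }

if __name__ == "__main__":
    print(demo())
```

The XOR layer itself carries no integrity check, so in this sketch a wrong pass phrase is only detectable downstream, when the value it produces fails to recover a usable key.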